0

I'm currently developing an iOS app and in which I encrypt some user data with a user-chosen key. The data can be stored locally or in iCloud or both. I also want to allow a quicker access such as 4-digit pin code or drawn pattern.

In both cases I can store an encrypted key in the iOS keychain and decrypt it with the 4-digit code or the pattern string. Basically, I don't store the master key in plaintext to the keychain.

The problem is Touch ID. Currently I'm storing the master key in plaintext to the keychain because I can't figure out how not to. If anyone could give me an idea, concept, pseudo code or whatever, I would really appreciate it.

Maarten Bodewes
  • 90,524
  • 13
  • 150
  • 263
imas145
  • 1,959
  • 1
  • 23
  • 32
  • 3
    Implementation details like this are more of a stack overflow concern. – AJ Henderson Dec 30 '14 at 21:18
  • Isn't the keychain *already* encrypted? I was under the impression that that's pretty much the whole point of it. – cpast Dec 30 '14 at 23:09
  • 1
    1. Touch ID is mentioned as a problem, what is the problem? 2. It is unnecessary to encrypt the key when storing it in the Keychain. 3. Using a 4-digit code is **really insecure**. – zaph Dec 31 '14 at 01:22
  • I'm aware that the 4-digit code is not so secure, but that is the user's choice. So I will just store the master key in the keychain as plaintext when Touch ID is enabled. – imas145 Dec 31 '14 at 08:47
  • 1
    I do not wholly agree with "2.". it *could* be necessary to encrypt your data prior to saving it to the keychain, since the keychain could be breached by jailbreaking a device. In some contexts (as protecting corporate sensitive data) this could pose a problem. – Gerald Eersteling Sep 15 '15 at 14:55

1 Answers1

0

The problem is that the PIN and pattern don't contain enough information to create a secure key. They can only be used to unlock things (because you can reject the login after X tries and you may not be able to automate the login process).

If I'm not mistaken iOS already uses PIN or pattern for protection of the key chain; this article seems to concur with this. As Apple does seem to use the PIN or pattern for encryption, it's no wonder that iOS keychain protection is easy to break. But building your own scheme on the same principles isn't going to help, so you might as well stick to the key chain.

The only other way of handling this correctly is to ask the user for a strong password, use PBKDF2 or bcrypt on it and encrypt with the resulting key.

Community
  • 1
  • 1
Maarten Bodewes
  • 90,524
  • 13
  • 150
  • 263